4 matches found
golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents
A flaw was found in Go, where it attempts to allocate excessive memory. This issue may cause panic or unrecoverable fatal error if passed inputs with very large exponents. The highest threat from this vulnerability is to system availability...
CVE-2023-34455
snappy-java is a fast compressor/decompressor for Java. Due to use of an unchecked chunk length, an unrecoverable fatal error can occur in versions prior to 1.1.10.1. The code in the function hasNextChunk in the fileSnappyInputStream.java checks if a given stream has more chunks to read. It does...
CVE-2023-34455
CVE-2023-34455 concerns snappy-java. The issue arises from an unchecked chunk length in SnappyInputStream.hasNextChunk, which can allocate a negative or excessively large array when handling untrusted input, potentially causing a java.lang.NegativeArraySizeException or java.lang.OutOfMemoryError....
golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents
A flaw was found in Go, where it attempts to allocate excessive memory. This issue may cause panic or unrecoverable fatal error if passed inputs with very large exponents. The highest threat from this vulnerability is to system availability...